This iRule allows you to bypass MSM (Mail Security Module) for known-good senders by disabling all subsequent iRules (including the MSM iRule) for addresses in a specified class of allowlisted IP addresses.
The Class
First create a data group list (class) of type Address that contains the IP addresses and/or subnets from which mail will always be accepted: class allow_list { host 10.10.10.1 net 192.168.0.0 255.255.0.0 }
Then apply the following iRule to the same virtual server to which MSM is associated:
How to use this snippet:
Code :
priority 1
when CLIENT_ACCEPTED {
if { [matchclass [IP::client_addr] equals $::allow_list] } {
log local0. "client: [IP::client_addr] found in allow_list directed to http_test_pool"
pool http_test_pool
event disable all
}
elseif { [matchclass [IP::client_addr] equals $::deny_list] } {
log local0. " client: [IP::client_addr] found in deny_list directed to http_test_pool_2"
pool http_test_pool_2
# or discard
event disable all
}
}
